VPN down script not on shutdown, only on disconnect

How to customize and extend your OpenVPN installation.
Post Reply
PhYrE
OpenVpn Newbie
Posts: 1
Joined: Tue Sep 10, 2019 3:47 pm

VPN down script not on shutdown, only on disconnect

Post by PhYrE » Tue Sep 10, 2019 3:53 pm

Windows OpenVPN client.
I have a down script (script with the same name as my OVPN file + "_down.bat") in the config folder. It looks as follows:

Code: Select all

@echo off
REM if domain joined, will get drive mapping from GPO, but if not, should map and unmap on connect/disconnect
if /I not "%USERDOMAIN%" == "mydomain" (
    if exist K:\ (
        net use K: /DELETE
    )
)
For completeness, my _up.bat script in case it helps anyone who may find this thread down the road

Code: Select all

@echo off
REM if domain joined, will get from GPO
if /I not "%USERDOMAIN%" == "mydomain" (
    REM If drive exists already, skip
    if not exist K:\ (
        REM Map away (credentials need to be in credential manager. Start | Credential Manager | Windows Credentials)
        net use K: \\servername\sharename
    )
)
If I connect and disconnect from the VPN, it works perfectly- sets up the drive mapping after the VPN and DNS (which has servername) comes up. Removes the drive when the VPN drops to keep things clean. I can't say I would change a thing about this setup. If it's domain joined the drive letter is already there, so that's a non-issue.

When I shutdown I often get errors that the batch script can't run. Likely this is because Windows won't let OpenVPN launch a new program while it's in the process of shutting down. Is there a way to make OpenVPN avoid running the script if the down of the VPN tunnel is because of a shutdown, or if the machine is in the process of shutting down? It's not the end of the world to click 'OK' to the message on shutdown, but still would be nicer if it handled it gracefully.

Thoughts?

User avatar
TinCanTech
OpenVPN Protagonist
Posts: 5923
Joined: Fri Jun 03, 2016 1:17 pm

Re: VPN down script not on shutdown, only on disconnect

Post by TinCanTech » Tue Sep 10, 2019 4:58 pm

You could try using --route-pre-down

Post Reply